Thales, a critical information systems, cybersecurity, and data security company, announced the results of its “2018 Thales Data Threat Report, Healthcare Edition,” revealing only 30% of global healthcare organizations have remain untouched by a data breach. Worryingly, 39% of these organizations have been breached in the last year alone, while the majority of respondents (70%) reported being breached in the past—a 17% increase from the 2016 report. Issued in conjunction with analyst firm 451 Research, the findings also highlight the negative impact cybercriminals are having, with over half (55%) feeling “very” or “extremely” vulnerable to data breaches.
In an effort to provide more efficient services—and with an eye toward cutting costs—the healthcare industry has more recently been turning its attention toward embracing digitally transformative technologies, including cloud, big data, Internet of Things, and containers. These technologies allow organizations to better create and manage data, as well as store critical information more efficiently.
Almost all (93%) of global respondents reported using these technologies with sensitive data. With each new technology comes unique data security challenges that must be addressed, as they increase the attack surface available. Among some of the more notable findings from this year’s report:
- All (100%) global respondents surveyed are leveraging cloud technologies, with 54% using three or more cloud vendors for infrastructure (IaaS) as opposed to having it onsite
- One-third (33%) of global respondents are using more than 50 cloud-based software applications (SaaS); and 54% are using three or more cloud-based platform (PaaS) environments
- Almost all (99%) of global respondents are using big data; 94% are working on or using mobile payments, and 94% have a blockchain project implemented or are in the process of implementing one
- 96% are leveraging IoT technologies, which may include internet-connected heart-rate monitors, implantable defibrillators and insulin pumps
Consequently, these organizations have emerged as a prime target for hackers, putting valuable medical data at risk. While a stolen credit card has a time-limited value, PHI and electronic medical records (EMR) are packed with immutable data that can, and do, fetch hundreds of dollars per stolen record on illegal online markets.
